The D.C. Board of Elections Admits Voter Data was Compromised in A Website Hack -

Post Views: 441

The D.C. Board of Elections Admits Voter Data was Compromised in A Website Hack

Columbia: The District of Columbia Board of Elections (DCBOE) is presently investigating a data breach that has potentially compromised an undisclosed quantity of voter records. This breach was reported by a threat actor named RansomedVC.

The District of Columbia Board of Elections (DCBOE) functions as an independent entity within the governmental structure of the District of Columbia. Its primary responsibilities include the supervision of electoral procedures, facilitation of ballot access, and administration of voter registration protocols.

The examination of the allegations has unveiled that the perpetrators gained unauthorized access to the data by exploiting vulnerabilities in the web server operated by DataNet, the hosting service utilized by the electoral authority of Washington D.C.

It is worth noting that the breach did not entail a direct compromise of the servers and internal systems of the DCBOE.

On October 5th, the District of Columbia Board of Elections (DCBOE) was made aware of a cybersecurity incident pertaining to the voter records of the District of Columbia. The agency stated that its internal databases and computers were not affected, however, the matter is still being investigated.

In a collaborative effort with the Computer Incident Response Team (CIRT) of MS-ISAC, the District of Columbia Board of Elections (DCBOE) promptly deactivated its website and substituted it with a maintenance page in order to mitigate the issue subsequent to identifying it as the origin of the security breach.

Following the revelation of the aforementioned occurrence, the electoral committee collaborated with specialists in data security, namely the Federal Bureau of Investigation (FBI) and the Department of Homeland Security (DHS), to undertake a thorough evaluation of the security measures implemented inside its internal systems.

Furthermore, the DCBOE undertook vulnerability scans throughout its database, server, and IT networks in order to detect any potential security vulnerabilities that may have permitted the unauthorized access of the stolen material by the attackers.

Stolen Data Up For Sale On The Dark Web

According to RansomedVC, the aforementioned incident reportedly led to the unauthorized acquisition of more than 600,000 lines of voter data pertaining to United States citizens, specifically covering records of voters residing in the District of Columbia.

The individual responsible for the breach claims to have effectively infiltrated the District of Columbia Board of Elections, obtaining a substantial amount of data consisting of over 600,000 records pertaining to registered voters in the United States.

The purloined data is presently being made available for purchase on the dark web leak site operated by the threat actor, while the specific cost remains hidden.

In order to authenticate the data, RansomedVC has presented a solitary record purportedly having the personal information of a voter from Washington D.C.

The dataset encompasses several personal identifiers such as the individual’s name, registration ID, voter ID, partial Social Security number, driver’s license number, date of birth, phone number, email, and additional information.

According to the statement issued by the election authority in Washington, D.C., it is important to acknowledge that certain voter registration data, including voter names, addresses, voting records, and party affiliation, is considered public information within the District of Columbia. However, it is worth mentioning that this data may be classified as confidential in accordance with the rules and regulations established by the District of Columbia.

Nevertheless, election authorities refrain from granting access to sensitive data, including voters’ contact information and Social Security Numbers (SSNs).

RansomedVC informed DataBreaches.net, the first source of the data breach story on Thursday, that the purloined voter records are intended for sale to a sole purchaser.

Highly Known for Controversial Claims

According to an anonymous source who spoke to BleepingComputer on October 3rd, it was reported that RansomedVC has taken responsibility for the breach and is currently offering the compromised data for sale on their leak site. Prior to this, the stolen database belonging to DCBOE was allegedly made available for purchase on the BreachForums and Sinister.ly hacking forums by an individual known as pwncoder. It is worth noting that the aforementioned posts have since been removed.

According to the evidence provided to BleepingComputer, the data in question was extracted from a compromised MSSQL database. This database breach resulted in the unauthorized access to the personal information of over 600,000 registered voters in the District of Columbia.

The veracity of RansomedVC’s recent assertions, wherein they purportedly infiltrated Sony’s networks and absconded with a substantial 260GB of data, has been called into question by an alternative individual known as MajorNelson. This opposing threat actor has cast doubt on RansomedVC’s claims, despite the latter’s presentation of a 2MB leaked archive as supporting evidence.

The second party subsequently disclosed a 2.4-gigabyte collection of files on BreachForums, purportedly obtained from the information systems of Sony.

Although the data disclosed by the individuals responsible appears to be associated with Sony, BleepingComputer was unable to verify the credibility of the assertions made by either party.

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space. Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM. Naager entered the field of content in an unusual way. He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts. He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field. In the bottom line, he frequently writes for Craw Security.